<?php

/**
 * CodeRS - Atviras kodas Lietuvai
 * Copyright (C) 2007 CodeRS www.coders.lt info@coders.lt
 * MightMedia TVS
 * komentarai.php - vartotoju komentarai betkokiam puslapiui.
 * 
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 * 
 * 
 * Ši programa yra laisva. Jūs galite ją platinti ir/arba modifikuoti
 * remdamiesi Free Software Foundation paskelbtomis GNU Bendrosios
 * Viešosios licencijos sąlygomis: 2 licencijos versija, arba (savo
 * nuožiūra) bet kuria vėlesne versija.
 * 
 * Ši programa platinama su viltimi, kad ji bus naudinga, bet BE JOKIOS
 * GARANTIJOS; be jokios numanomos PERKAMUMO ar TINKAMUMO KONKRETIEMS
 * TIKSLAMS garantijos. Žiūrėkite GNU Bendrąją Viešąją licenciją norėdami
 * sužinoti smulkmenas.
 * 
 * Jūs turėjote kartu su šia programa gauti ir GNU Bendrosios Viešosios
 * licencijos kopija; jei ne - rašykite Free Software Foundation, Inc., 59
 * Temple Place - Suite 330, Boston, MA 02111-1307, USA.
**/

if (!defined("OK")) { header("HTTP/1.0 404 Not Found"); }

function komentarai($id,$hide=false) {
	global $url,$db,$ses;
	if (isset($url['id']) && isnum($url['id']) && $url['id'] > 0 && isnum($id) && $id > 0) {
		if (PRISIJUNGES) {
			$text = "
			<center>
			<form name=\"n_kom\" id=\"n_kom\" action=\"\" method=\"post\">
				".bbs('n_kom')." <textarea name=\"n_kom\" rows=5 cols=40 wrap=\"on\"></textarea><br/>
				<input type=\"hidden\" name=\"id\" value=\"".$id."\">
				<input type=\"submit\" name=\"Naujas\" value=\"Siųsti\">
			</form>
			</center>";
			hide("Parašyk komentarą",$text,$hide,"Naujo komentaro forma");
		}
		else { hide("Parašyk komentarą","Nori parašyti atsiliepimą ar komentarą? tai prisijunk arba prisiregistuok.",false,"Tik nariams"); }
		$sql = $db->uzklausa("SELECT * FROM `".LENTELES_PRIESAGA."kom` WHERE kid = '".$db->fix($id)."' AND pid = '".$db->fix((int)$url['id'])."' ORDER BY `data` DESC LIMIT 50",__FILE__,__LINE__);
		$text = '';
		while ($row = $db->masyvas($sql)) {
			$text .= "<div class=\"title\"><a href=\"#".$row['id']."\" name=\"".$row['id']."\" id=\"".$row['id']."\"><img src=\"images/icons/bullet_black.png\" alt=\"#\" class=\"middle\" border=\"0\"></a> ";
			if (LYGIS > 20) { $text .= "<a href='".url("dk,".$row['id']."")."' onclick=\"return confirm('Ar tikrai norite trinti?') \">[d]</a> "; }
			$text .= "<a href='?id,47;m,".$row['nick_id']."'>".$row['nick']."</a> ";
			if (LYGIS > 0 && $ses->user_data['username'] != $row['nick']) { $text .= "<a href='?id,45;n,1;u,".$row['nick']."'><img src='images/pm/mail.png' alt='mail' border='0'/></a> "; }
			$text .= " (".$row['data'].") ".naujas($row['data'],$row['nick'])."</div>
			<div class=\"sarasas\">".smile(bbchat(wrap(input($row['zinute']),80)))."</div><br/>";
		}
		if (!empty($text)) { echo lentele("Komentarai",$text); }
	}
}

//Irasom nauja komentara jei nurodytas puslapis, gal perdidele salyga bet saugumo sumetimais :)
if (isset($_POST['n_kom']) && !empty($_POST['n_kom']) && !empty($_POST['Naujas']) && $_POST['Naujas'] == "Siųsti" && isset($_POST['id']) && !empty($_POST['id']) && isnum($_POST['id']) && LYGIS > 0 && isset($ses->user_data['username']) && !empty($ses->user_data['username'])) {
	$db->uzklausa("UPDATE `".T_USERS."` SET taskai=taskai+1 WHERE username='" . $db->fix($ses->user_data['username']) ."' AND `user_id` = '" . $db->fix($ses->user_data['user_id']) ."'",__FILE__,__LINE__);
	$db->uzklausa("INSERT INTO `".LENTELES_PRIESAGA."kom` (`kid`, `pid`, `zinute`, `nick`, `nick_id`, `data`) VALUES ('".$db->fix($_POST['id'])."', '".$db->fix($url['id'])."', '".$db->fix($_POST['n_kom'])."', '".$db->fix($ses->user_data['username'])."', '".$db->fix($ses->user_data['user_id'])."', NOW())",__FILE__,__LINE__);
	header("Location: ".$_SERVER['HTTP_REFERER']."#".mysql_insert_id());
}

// Trinam komentara
if (isset($url['dk']) && isnum($url['dk']) && $url['dk'] > 0 && isset($url['id']) && !empty($url['id']) && isnum($url['id']) && ADMIN) {
	$id = (int)$url['dk'];
	$sql = $db->masyvas($db->uzklausa("SELECT nick, nick_id FROM `".LENTELES_PRIESAGA."kom` WHERE id='".$db->fix($id)."' LIMIT 1",__FILE__,__LINE__));
	$db->uzklausa("UPDATE `".T_USERS."` SET taskai=taskai-1 WHERE username='" . $db->fix($sql['nick']) ."' AND `user_id` = '" . $db->fix($sql['nick_id']) ."'",__FILE__,__LINE__);
	$db->uzklausa("DELETE FROM `".LENTELES_PRIESAGA."kom` WHERE id='".$db->fix($id)."' LIMIT 1",__FILE__,__LINE__);
	unset($id);
	header("Location: ".$_SERVER['HTTP_REFERER']."");
}
?>
